How do I enable HTTPS / TLS support?

Follow the steps below to configure your OoklaServer instance to use TLS.

Automatic LetsEncrypt Provisioning

With OoklaServer 2.6 we have introduced automatic certificate provisioning using LetsEncrypt to encrypt traffic when supported. If your server does not have a certificate specified manually in OoklaServer.properties we will attempt to automatically provision a certificate.

This process is designed to be hands off and should work without any configuration required if your server can reach http://host-api.speedtest.net.

Manual Configuration

1. Edit your OoklaServer.properties file to include the following uncommented lines:

2. Ensure the path for your certificate and key file are correct. This should be a PEM certificate file. Make sure your certificate file includes the full trust chain back to the issuing Certificate Authority.

3. Restart OoklaServer. You should see "SSL Context Initialized" shortly after launch if your setup worked.

Troubleshooting

Check your OoklaServer logs or console output for a message about SSL initialization. This will have more detailed information about why the daemon may be having issues loading the certificates or requesting a LetsEncrypt certificate.